GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,985
Erlang: 29
GitHub Actions: 16
Go: 1,774
Maven: 5,000
npm: 3,541
NuGet: 617
pip: 3,123
Pub: 10
RubyGems: 838
Rust: 790
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+

5,757 advisories

Moodle CSRF risk in analytics management of models
High | CVE-2024-34008 was published for moodle/moodle (Composer) May 31, 2024

The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-5003 was published Jun 7, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some...
High | Unreviewed | CVE-2024-6075 was published Jul 15, 2024

The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions,...
Moderate | Unreviewed | CVE-2024-4382 was published Jun 21, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs,...
Moderate | Unreviewed | CVE-2024-4475 was published Jun 21, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-4474 was published Jun 21, 2024

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations...
Moderate | Unreviewed | CVE-2024-5815 was published Jul 17, 2024

NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900,...
High | Unreviewed | CVE-2016-6277 was published May 17, 2022

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40329 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40331 was published Jul 10, 2024

The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High | Unreviewed | CVE-2024-1845 was published Jul 11, 2024

Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral.This issue affects...
Moderate | Unreviewed | CVE-2024-37938 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO...
Moderate | Unreviewed | CVE-2024-37941 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site...
High | Unreviewed | CVE-2024-37213 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite.This issue affects...
Moderate | Unreviewed | CVE-2024-37939 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ...
High | Unreviewed | CVE-2024-37940 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows...
High | Unreviewed | CVE-2024-35773 was published Jul 12, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40328 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal...
Moderate | Unreviewed | CVE-2024-39119 was published Jul 2, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence...
High | Unreviewed | CVE-2024-23736 was published Jul 2, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40038 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40035 was published Jul 9, 2024

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1...
Moderate | Unreviewed | CVE-2024-6649 was published Jul 10, 2024

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High | Unreviewed | CVE-2024-28828 was published Jul 10, 2024

Insecure handling of GET header parameter file included in requests being sent to an instance of...
High | Unreviewed | CVE-2024-3798 was published Jul 10, 2024

ProTip! Advisories are also available from the GraphQL API.